----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/56163/ -----------------------------------------------------------
(Updated Feb. 16, 2017, 8:49 a.m.) Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. Changes ------- Addressed review comments Bugs: RANGER-1341 https://issues.apache.org/jira/browse/RANGER-1341 Repository: ranger Description ------- **Problem Statement :** Below mentioned passwords properties in Ranger Admin and usersync contains password in clear text. password should not be stored in clear text format rather it should be stored in jceks file. ranger.service.https.attrib.keystore.pass ranger.truststore.password ranger.usersync.keystore.password ranger.usersync.truststore.password **Proposed Solution :** Use Credential provider api to store password in jceks file. Diffs (updated) ----- embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java 9668e47 jisql/src/main/java/org/apache/util/sql/MySQLPLRunner.java 8b51972 kms/config/webserver/ranger-kms-site.xml 81f3f17 kms/scripts/install.properties 473d3cf kms/scripts/setup.sh f31e0e2 security-admin/scripts/install.properties 34dec22 security-admin/scripts/setup.sh f7e02d9 security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java 830a049 security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 08ed436 security-admin/src/main/resources/conf.dist/ranger-admin-site.xml 5f89caa src/main/assembly/admin-web.xml 966033f tagsync/scripts/setup.py 88b10cc ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java a4b12b2 unixauthservice/scripts/install.properties 50e8487 unixauthservice/scripts/setup.py b773e95 unixauthservice/scripts/templates/ranger-ugsync-template.xml 74bce8a unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java 175307f Diff: https://reviews.apache.org/r/56163/diff/ Testing ------- 1. Tested Ranger on SSL enabled MySQL. 2. Tested Ranger with and without SSL. 3. Tested HDFS plugin enforecement using SSL enabled Ranger admin. 4. Tested KMS plugin enforecement using SSL enabled Ranger admin. 5. Tested LDAP and UNIX UserSync. 6. Tested LDAP and UNIX Authentication. 7. Tested Knox Test connection. Thanks, Pradeep Agrawal